[j-nsp] JNCIP EBGP Case Study...

Hoogen hoogen82 at gmail.com
Thu Oct 29 18:29:19 EDT 2009


I guess for the solution to work we need to have

autonomous-system 65001 loops 3;

This would make sure we get those routes.

-Hoogen

On Thu, Oct 29, 2009 at 2:56 PM, Hoogen <hoogen82 at gmail.com> wrote:

> Okay.. Earlier task required while accepting routes from peer to tag them
> with a community and prepend them with as number 65412 twice... I notice
> that when I deactivate that.. It works.. So obviously R3 is considering the
> routes received from R1 with prepend of 65412 for all P1 routes to be some
> sort of as loop... So I guess there is something wrong about it..
>
> Page 568 of the JNCIP books...
>
> -Hoogen
>
>
> On Thu, Oct 29, 2009 at 2:05 PM, Hoogen <hoogen82 at gmail.com> wrote:
>
>> R1
>>
>> lab at R1> show configuration routing-options
>> static {
>>     route 10.0.200.0/24 {
>>         next-hop 10.0.1.102;
>>         no-readvertise;
>>     }
>>     route 192.168.10.0/24 reject;
>>     route 192.168.100.0/24 reject;
>>     route 10.0.0.0/8 {
>>         next-hop 10.0.4.13;
>>         qualified-next-hop 10.0.4.6 {
>>             preference 10;
>>         }
>>     }
>> }
>> martians {
>>     192.0.2.0/24 orlonger;
>> }
>> autonomous-system 65000;
>> confederation 65412 members [ 65000 65001 65002 ];
>>
>> lab at R1>
>>
>> lab at R1> show configuration protocols bgp
>>  group 65000 {
>>     type internal;
>>     local-address 10.0.6.1;
>>     export ibgp;
>>     neighbor 10.0.3.3;
>> }
>> group p1 {
>>     type external;
>>     import peer-filter-in;
>>     export p1-export;
>>     neighbor 10.0.5.254 {
>>         peer-as 1492;
>>     }
>> }
>>
>> lab at R1>
>>
>> lab at R1> show configuration policy-options policy-statement ibgp
>> term 1 {
>>     from {
>>         protocol static;
>>         route-filter 192.168.10.0/24 exact;
>>     }
>>     then accept;
>> }
>> term 2 {
>>     from {
>>         protocol static;
>>         route-filter 192.168.100.0/24 exact;
>>     }
>>     then {
>>         metric 101;
>>         local-preference 101;
>>         community add no-export;
>>         accept;
>>     }
>> }
>>
>> lab at R1>
>>
>> R3 Configuration
>>
>> lab at R3> show configuration routing-options
>> static {
>>     route 10.0.200.0/24 {
>>         next-hop 10.0.1.102;
>>         no-readvertise;
>>     }
>>     route 192.168.30.0/24 reject;
>> }
>> martians {
>>     192.0.2.0/24 orlonger;
>> }
>> aggregate {
>>     route 10.0.4.0/22;
>> }
>> autonomous-system 65000;
>> confederation 65412 members [ 65000 65001 65002 ];
>>
>> lab at R3>
>>
>> lab at R3> show configuration protocols bgp
>> advertise-inactive;
>> group 65000 {
>>     type internal;
>>     local-address 10.0.3.3;
>>     export ibgp;
>>     neighbor 10.0.6.1;
>> }
>> group c-bgp {
>>     type external;
>>     multihop;
>>     local-address 10.0.3.3;
>>     export ibgp;
>>     neighbor 10.0.3.4 {
>>         hold-time 180;
>>         peer-as 65001;
>>     }
>>     neighbor 10.0.3.5 {
>>         peer-as 65002;
>>     }
>> }
>> group t1-t2 {
>>     type external;
>>     damping;
>>      import [ damp trans-filter-in ];
>>     export [ no-192-24s prepend ];
>>     remove-private;
>>     multipath;
>>     neighbor 172.16.0.14 {
>>         peer-as 65222;
>>     }
>>     neighbor 172.16.0.18 {
>>         peer-as 65222;
>>     }
>> }
>>
>> lab at R3>
>>
>>
>> lab at R3> show configuration policy-options policy-statement ibgp
>> term 1 {
>>     from {
>>         protocol static;
>>         route-filter 192.168.30.0/24 exact;
>>     }
>>     then accept;
>> }
>> term 2 {
>>     from community trans-1-2;
>>     then {
>>         next-hop self;
>>     }
>> }
>>
>> lab at R3>
>>
>> Thanks for your help guys..
>>
>> -Hoogen
>>
>> On Thu, Oct 29, 2009 at 3:36 AM, Sean Clarke <sean at clarke-3.demon.nl>wrote:
>>
>>>
>>> What is in your ibgp export policy from R1 to R3  ? Are you putting
>>> something in there to cause an issue ?
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 10/29/09 10:43 AM, Hoogen wrote:
>>>
>>> Hi Felix,
>>>
>>>  Thank you for the reply..
>>>
>>>  I am not sure how that 17 hidden routes came into play... But its not
>>> there now.. I still see the issue..
>>>
>>>  I had already checked the hidden routes..and those are not the ones
>>> which are hiding
>>>
>>>   lab at R3# run show route receive-protocol bgp 10.0.6.1 hidden extensive
>>>
>>>  inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>>>
>>>  __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
>>> holddown, 0 hidden)
>>>
>>>  iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>>>
>>>  [edit]
>>> lab at R3#
>>>
>>>  lab at R3# run show route receive-protocol bgp 10.0.6.1
>>>
>>>
>>>  inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>>>   Prefix                  Nexthop              MED     Lclpref    AS path
>>> * 192.168.10.0/24         10.0.6.1                     100        I
>>> * 192.168.100.0/24        10.0.6.1             101     101        I
>>>
>>>  __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
>>> holddown, 0 hidden)
>>>
>>>  iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>>>
>>>  [edit]
>>> lab at R3#
>>>
>>>  lab at R3# run show route protocol bgp hidden extensive
>>>
>>>  inet.0: 66 destinations, 85 routes (63 active, 0 holddown, 3 hidden)
>>> 172.17.0.0/16 (1 entry, 0 announced)
>>>          BGP                 /-101
>>>                 Next-hop reference count: 2
>>>                 Source: 172.16.0.14
>>>                 Next hop: 172.16.0.14 via ge-0/0/0.0, selected
>>>                 State: <Hidden Ext>
>>>                 Local AS: 65000 Peer AS: 65222
>>>                 Age: 1:27:54
>>>                 Task: BGP_65222.172.16.0.14+3227
>>>                 AS path: 65222 I
>>>                 Localpref: 100
>>>                 Router ID: 130.130.0.1
>>>
>>>  192.0.2.0/24 (1 entry, 0 announced)
>>>          BGP                 /-101
>>>                 Next-hop reference count: 5
>>>                 Source: 172.16.0.18
>>>                 Next hop: 172.16.0.18 via ge-0/0/3.0, selected
>>>                 State: <Hidden Martian Ext>
>>>                 Local AS: 65000 Peer AS: 65222
>>>                 Age: 1:28:19
>>>                 Task: BGP_65222.172.16.0.18+179
>>>                 AS path: 65222 I
>>>                 Communities: 65412:102
>>>                 Localpref: 100
>>>                 Router ID: 130.130.0.2
>>>
>>>  220.0.0.0/28 (1 entry, 0 announced)
>>>          BGP                 /-101
>>>                 Next-hop reference count: 5
>>>                 Source: 172.16.0.18
>>>                 Next hop: 172.16.0.18 via ge-0/0/3.0, selected
>>>                 State: <Hidden Ext>
>>>                 Local AS: 65000 Peer AS: 65222
>>>                 Age: 1:28:19
>>>                 Task: BGP_65222.172.16.0.18+179
>>>                 AS path: 65222 I
>>>                 Localpref: 100
>>>                 Router ID: 130.130.0.2
>>>
>>>  __juniper_private1__.inet.0: 2 destinations, 2 routes (2 active, 0
>>> holddown, 0 hidden)
>>>
>>>  iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
>>>
>>> [edit]
>>> lab at R3#
>>>
>>>
>>>  The one I am concerned is with group 65000 and I don't have any import
>>> policy to deny anything there..
>>>
>>>   [edit]
>>> lab at R3# show protocols bgp
>>> advertise-inactive;
>>> group 65000 {
>>>     type internal;
>>>     local-address 10.0.3.3;
>>>     export ibgp;
>>>     neighbor 10.0.6.1;
>>> }
>>> group c-bgp {
>>>     type external;
>>>     multihop;
>>>     local-address 10.0.3.3;
>>>     export ibgp;
>>>     neighbor 10.0.3.4 {
>>>         hold-time 180;
>>>         peer-as 65001;
>>>     }
>>>     neighbor 10.0.3.5 {
>>>         peer-as 65002;
>>>     }
>>> }
>>> group t1-t2 {
>>>     type external;
>>>     damping;
>>>     import [ damp trans-filter-in ];
>>>     export [ no-192-24s prepend ];
>>>     remove-private;
>>>     multipath;
>>>     neighbor 172.16.0.14 {
>>>         peer-as 65222;
>>>     }
>>>     neighbor 172.16.0.18 {
>>>         peer-as 65222;
>>>     }
>>> }
>>>
>>>  [edit]
>>> lab at R3#
>>>
>>>  This is really strange.. I compared the solutions, and there seems
>>> nothing wrong..
>>>
>>>  -Hoogen
>>>
>>>  On Thu, Oct 29, 2009 at 1:59 AM, Felix Schueren <
>>> felix.schueren at hosteurope.de> wrote:
>>>
>>>> Hoogen,
>>>>
>>>> Hoogen wrote:
>>>> >>> Now R3 only receives
>>>> >>>
>>>> >>> lab at R3# run show route receive-protocol bgp 10.0.6.1
>>>> >>>
>>>> >>> inet.0: 66 destinations, 106 routes (63 active, 0 holddown, 17
>>>> hidden)
>>>> >>>   Prefix                  Nexthop              MED     Lclpref    AS
>>>> path
>>>> >>> * 192.168.10.0/24         10.0.6.1                     100        I
>>>> >>> * 192.168.100.0/24        10.0.6.1             101     101        I
>>>> >>>
>>>>  please do
>>>> show route receive-protocol bgp 10.0.6.1 hidden extensive
>>>>
>>>> also paste
>>>> show configuration protocols bgp
>>>>
>>>> both from R3
>>>>
>>>> Kind regards,
>>>>
>>>> Felix
>>>>
>>>> --
>>>> Felix Schüren
>>>> Head of Network
>>>>
>>>> -----------------------------------------------------------------------
>>>> Host Europe GmbH - http://www.hosteurope.de
>>>> Welserstraße 14 - 51149 Köln - Germany
>>>> Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
>>>> HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
>>>> Geschäftsführer:
>>>> Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller
>>>>
>>>> (*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend
>>>>
>>>
>>>
>>>
>>>
>>
>


More information about the juniper-nsp mailing list